In short, continuous integration of digital control systems and distributed renewable energy sources is promoting the transition of modern power systems to Digital Power Grids. Although the changes above will increase energy use efficiency and system intelligence, they will also introduce new security risks. The traditional intrusion detection and cryptographic protection methods mainly use a passive response mode, and are thus unable to meet the demands of frequent changes in attack methods and various structures of grid nodes. Objectives: The design of a distributed, intelligent intrusion detection framework supporting cooperative learning and real-time threat response in multiple nodes of a digital power grid has been put forward, and data privacy has also been guaranteed. The framework can achieve good detection accuracy, scalability and operational efficiency simultaneously, and thus form a high-reliability cybersecurity detection system for power grids. Methods: This paper introduces a new Federated Attention-based Graph Intrusion Detection Network (FAG-IDN). The GNN module is used to acquire spatial topological information and other diffusion characteristics among grid nodes; an attention mechanism weighs different features according to their correlation strength to enhance the detection of subtle attack behaviours; and a federated learning module can have each substation train a model locally and then upload only encrypted parameters to a central server for collective optimisation of the whole system without exposing sensitive data. Results: Experimental evaluation of the UNSW-NB15 and PowerGrid-IDS datasets shows that the proposed FAG-IDN outperforms the previous optimal classifiers, such as Random Forest, Gradient Boosting and Voting Classifier, in terms of accuracy, F1-score, precision and recall. FAG-IDN had a mean accuracy of 99.1% on PowerGrid-IDS and 98.7% on UNSW-NB15, and thus outperformed the base model by 3-6%. In addition, the federated structure reduced communication overhead by 41 per cent compared with the centralised model, and the attention mechanism reduced false positives by 37 per cent to improve both the robustness and efficiency of a large-scale distributed environment. Conclusion: The FAG-IDN framework has been proposed to build a private-preserving, adaptive and scalable cyber-defense mechanism for digital power grids. FAG-IDN is a graph-structured learning method that conducts attention-driven adaptive feature selection and federated collaborative optimisation to achieve real-time, intelligent intrusion detection in distributed environments under conditions of data security. This study provides a strong support system for building a high-end autonomous, secure and intelligent next-generation digital power grid with self-learning, cross-domain adaptation and resilient cyber protection capabilities.
